Ox Guard Open Xchange Ox Guard

Do you want an email whenever new security vulnerabilities are reported in Open Xchange Ox Guard?

By the Year

In 2024 there have been 0 vulnerabilities in Open Xchange Ox Guard . Last year Ox Guard had 1 security vulnerability published. Right now, Ox Guard is on track to have less security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 1 5.40
2022 0 0.00
2021 1 7.50
2020 0 0.00
2019 1 8.80
2018 0 0.00

It may take a day or so for new Ox Guard vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Open Xchange Ox Guard Security Vulnerabilities

Users were able to set an arbitrary "product name" for OX Guard

CVE-2023-26456 5.4 - Medium - November 02, 2023

Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code execution, allowing an attacker to build a foothold. Sanitization is in place for product names now. No publicly available exploits are known.

XSS

OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server

CVE-2020-28944 7.5 - High - April 30, 2021

OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.

Resource Exhaustion

OX Guard 2.8.0 has CSRF.

CVE-2018-10986 8.8 - High - July 03, 2019

OX Guard 2.8.0 has CSRF.

Session Riding

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Open Xchange Ox Guard or by Open Xchange? Click the Watch button to subscribe.

subscribe